AMENDMENTS TO THE CLAIMS 

Please amend the claims as follows: 
1-3. (Canceled). 

4. (New) A system to provide a remote computing client access to resources 
provided by at least one server in at least one target computing network, 
comprising: 

a point of presence node communicatively connected to the at least 
one target computing network; and 

at least one Internet Protocol Security concentrator resident in the 
point of presence node; 

at least one access server resident in the point of presence node, 
wherein the access server comprises a virtual private network module which 
implements a secure communication channel between the remote computing 
client and the at least one server in the target communication network. 

5. (New) The system of claim 4, wherein the remote computing device 
comprises a virtual private network module which cooperates with the virtual 
private network module resident in the point of presence node. 

6. (New) The system of claim 5, wherein: 

the virtual private network module in the remote client communicates 
with the virtual private network module in the access server using a message 
exchange mode; and 

the virtual private network module in the remote client receives 
application layer data from at least one application executing on the remote 
client. 

7. (New) The system of claim 6, wherein the virtual private network module 
in the access server implements a proxy client for at least one application 
executing on the remote computing device. 

8. (New) The system of claim 5, wherein the virtual private network module 
in the remote client and the virtual private module in the access server 



3 



establish an encrypted communication channel between a specific 
application executing on the remote client and the point of presence node. 

9. (New) The system of claim 8, wherein the virtual private network module 
in the remote client: 

generates a first encryption data set comprising a public portion and a 
private portion; and 

transmits the public portion of the first encryption data set to the 
virtual private network server in a session set-up message. 

10. (New) The system of claim 5, wherein the remote computing device 
further comprises a reconfiguration system module which collects system 
configuration data relating to the remote computing device, generates a 
system configuration file, and stores the system configuration file in a 

memory module in the remote computing device. 

1 1 . (New) The system of claim 10, wherein the at least one access server 
comprises: 

a central policy manager module that establishes configuration 
policies for one or more remote clients that access resources via the virtual 
private network server; and 

a reconfiguration system module that cooperates with the 
reconfiguration system module in the remote computing device to impose 
configuration changes on the remote computing device. 

12. (New) The system of claim 10, wherein the reconfiguration system 
implements an atomic reconfiguration process on the remote computing 
device. 

13. (New) The system of claim 5, wherein the remote computing device 
comprises a local proxy module that emulates an HTTP proxy server. 

14. (New) The system of claim 10, wherein the remote computing device 
comprises a client application tunneling module, wherein the client 
application tunneling module extracts destination IP addresses and port 
numbers from communication packets and invokes the reconfiguration 
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system module to reconfigure a name-to-address mapping for 
communications between tlie remote computing device and an application 
executing on a remote server. 

15. (New) The system of claim 5, wherein at least one server in the point of 
presence node further comprises a network address translation module that 
performs network address translation on incoming and outgoing packets to 
enable remote access to resources on one or more networks outside the 
target computing network. 

16. (New) The system of claim 15, wherein the network address translation 
module automatically determines a network configuration for the target 
network. 

17. (New) The system of claim 5, wherein: 

the at least one access server comprises a first network backup 
module; 

the remote computing device comprises a second network backup 
module; and 

the first network backup module and the second network backup 
module cooperate to back up and restore one or more files from the remote 
access server. 

18. (New). The system of claim 17, wherein the first network backup module 
maintains incremental backups of files used by the remote computing 

device. 
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